If there is a sad emoji with money flying away, Facebook may find it appropriate.
Mark Zuckerberg’s company is being investigated for a violation of privacy compliance because of that leak – more of a flood – that was found to have revealed personal data from 533 million people.
The European Union’s leading privacy regulator, Ireland’s Data Protection Commission, is looking into whether Facebook broke the law in its handling of that leak.
If the social media behemoth is found to be in violation of EU rules, it could face billions in fines — possibly 4% of its $86 billion global revenue.
How likely is that to happen?
A DPC said those rules “may have been, and/or are being, infringed in relation to Facebook Users’ personal data.”
Earlier this month, Business Insider broke the story of personal data dumped, and available for free, in a hacking forum. Among the key pieces in the breach were phone numbers that users didn’t make public on Facebook profiles.
A Facebook spokesperson said in a statement to Insider: “We are cooperating fully with the IDPC in its enquiry, which relates to features that make it easier for people to find and connect with friends on our services. These features are common to many apps and we look forward to explaining them and the protections we have put in place.”
Facebook users can’t be certain whether their information is included. The company does not plan to notify the hundreds of millions affected because users can’t really fix the problem — their data, if included, already was published online.
But this investigation will look into Facebook’s legal obligation to notify users and European regulators.
The DPC said questioning has begun and, according to a Business Insider story, that Facebook has “furnished a number of responses.”